For the keygen subcommand:

When a zone has multiple keys with the same key tag, making filenames unique using the key tag would fail. Use something like a SHA-2 hash instead. This does not impact the ldns-keygen mode.
At the moment, dnst-keygen will fail if it has to overwrite any existing files. This means that if another file with the same name K<name>+<alg>+<keytag>.* exists, it won't be overwritten. However, keytag collisions across names and algorithms are not currently detected. Given that e.g. the EDNS key-tag option doesn't account for names and algorithms, only for keytags, I agree that we should check for keytags across names and algorithms. But it's hard to do this comprehensively.
We should avoid K<name>+<alg>+<keytag>.* because we don't know where they end up. An operator may generate a new key in an empty directory and copy the files somewhere else. Using key tags in filenames is a bad habit we need to get rid of.
We can do two things: one, iterate over 'K'* and collect all key tags we can find. The other is to add an option where the user can give a list of files from which to extract key tags.
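The collision the thread is about, as an added Python example that is not part of dnst or ldns: it computes RFC 4034 key tags for two constructed DNSKEY records, shows that their K<name>+<alg>+<keytag> stems collide while a SHA-256-based stem (a hypothetical scheme, not anything dnst implements) stays distinct, and groups keys by tag regardless of owner name and algorithm, the way a scan over K* files would. The sample keys are made up and far too short to be real public keys.

```python
import hashlib
import struct
from collections import defaultdict

def dnskey_rdata(flags: int, protocol: int, algorithm: int, public_key: bytes) -> bytes:
    """Wire-format DNSKEY RDATA: flags, protocol, algorithm, then the raw public key."""
    return struct.pack("!HBB", flags, protocol, algorithm) + public_key

def key_tag(rdata: bytes) -> int:
    """Key tag per RFC 4034 Appendix B (non-RSA/MD5 case): a 16-bit sum over the
    RDATA with carry folding, so many distinct keys map to the same 16-bit tag."""
    ac = 0
    for i, b in enumerate(rdata):
        ac += b if i & 1 else b << 8
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF

def tag_stem(owner: str, rdata: bytes) -> str:
    """Filename stem in the ldns-keygen style: K<name>+<alg>+<keytag>."""
    alg = rdata[3]
    return f"K{owner}+{alg:03d}+{key_tag(rdata):05d}"

def hash_stem(owner: str, rdata: bytes, hexlen: int = 16) -> str:
    """Hypothetical alternative stem: K<name>+<alg>+<SHA-256 prefix of the RDATA>.
    Equal RDATA means the same key, so distinct keys get distinct names."""
    alg = rdata[3]
    return f"K{owner}+{alg:03d}+{hashlib.sha256(rdata).hexdigest()[:hexlen]}"

def find_tag_collisions(keys):
    """Group (owner, rdata) pairs by key tag only, ignoring owner and algorithm as the
    EDNS key-tag option does. Returns {tag: [stems, ...]} for tags shared by >1 key."""
    by_tag = defaultdict(list)
    for owner, rdata in keys:
        by_tag[key_tag(rdata)].append(tag_stem(owner, rdata))
    return {tag: stems for tag, stems in by_tag.items() if len(stems) > 1}

# Constructed sample keys (not real DNSKEYs): two different 4-byte "public keys"
# whose 16-bit word sums are equal, so the key tags collide (both 2068).
KEY_A = dnskey_rdata(257, 3, 13, bytes([0x01, 0x02, 0x03, 0x04]))
KEY_B = dnskey_rdata(257, 3, 13, bytes([0x01, 0x03, 0x03, 0x03]))
SAMPLE_KEYS = [("example.", KEY_A), ("example.", KEY_B)]

if __name__ == "__main__":
    for owner, rdata in SAMPLE_KEYS:
        print(tag_stem(owner, rdata), "->", hash_stem(owner, rdata))
    print("collisions:", find_tag_collisions(SAMPLE_KEYS))
```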